Category Archives: books

You don’t have to be my most devoted follower to know my general attitude to the season of humbuggery. In summary, I don’t hold with it. I don’t send cards, I don’t give presents (except to children), and I try hard to discourage anyone giving me such things. If I should happen to get you a present, it’ll be a random time of year, and probably opportunistic.

This year for the first time in many, I’ve had a genuinely pleasant surprise with a present. A coffee-table book[1] entitled simply “Beer” amused me when I first opened it, and I think it’s going to be a delight to have around. Thank you F. !

Also for the first time for a while, I’ve overeaten in company on this day. I know my host is a regular reader (and would probably have been eating meat if I hadn’t been there), so thank you again for a truly delicious lunch and entertaining company.

[1] Any normal book I’d rather have in electronic form than on paper, as I lack space to store the latter. Music is an exception. The coffee-table book is another, that hadn’t even occurred to me before!

My previous e-reader having died, I found the pocket-friendly form and market-beating price tag of the kindle irresistible. If I stick to Project Gutenberg for my books, I’m not sucked in to Amazon’s Orwellian World, but I have the advantages of the latest technology (including notably an e-ink screen that is no longer slow) fronting my library.

But what about the with-keyboard versions? That’s potentially an even more interesting device, depending on what software I can run on it. If I can install some basic utilities it becomes truly the ideal portable computer. How basic? Just a text editor and it becomes the ideal companion for events like FOSDEM and for real backpacking, with both keyboard and screen being a whole lot better to use than the pocket-puter (aka smartphone), as well as decent battery life. Add a set of regular smartphone/tablet-like apps (like email, calendar, notebook) and the ability to install apps, and it really begins to look like the device I’m waiting for.

Is that feasible? A couple of shops where I’ve asked say no chance. What would I have to do to make it happen? And is anyone playing with interesting ideas like running Linux or an open-ish Android on a kindle?

A reader has pointed out a second serious error in my book. Unlike the first, this one is obscure: noone in real life would use Digest Authentication for mod_authnz_day where there are no secrets to protect! But my reader evidently used the code as a template for something and discovered the error.

The error is on Page 195, where apr_md5 is used to compute an MD5 hash. apr_md5 in fact computes a binary digest, which then has to be encoded to the hash we need (as in htdigest). This is very simply accomplished by using ap_md5 in place of apr_md5 in our code. I have added it to the book pages errata section, and corrected the code downloadable from there.

Fortunately my correspondent was extremely complimentary about the book in general: evidently it is achieving its purpose of helping a programmer surmount the learning curve to working productively with Apache HTTPD.

He also wondered whether I have any plans for a second edition: a question I have contemplated but not acted on as we approach the release of a new stable 2.4 branch. Since 2.4 doesn’t actually obsolete 2.2 (or indeed 2.0) programming skills, my feeling is that the book remains valid, and my time would be better spent writing some supplementary standalone articles to deal with what’s changed. But then, if I do that then it’s a relatively small step to a second edition with additional chapters. Hmmm ….

Thanks to Brad Goodman for alerting me to the error, and for being so nice about it!

I’ve just download a preview of Ivan Ristic’s latest work: a handbook for mod_security. Readers will recollect that Ivan is both the original developer of mod_security, and author of the most comprehensive existing book on Apache security (reviewed here), so his handbook should be worth a look. He was also tech reviewer for my apache modules book, so I guess I owe him any feedback I can find time for!

As befits a handbook, it’s a lot shorter than his previous book: currently about 100 pages, though that’s with gaps that’ll grow the page count quite a lot when filled. It comes with the promise that it will be continually updated, which clearly favours electronic distribution, though paper will also be available.

The first question I usually ask about a techie book is: what does it add to the documentation available online? A glance at this book suggests, quite a lot. My impression of mod_security hitherto has been that it’s interesting (especially after seeing Ivan’s talk at ApacheCon 2008) but under-documented compared to httpd itself: this book fills a gap. It could become the One True reference work on the subject for anyone deploying the module.

For my part, I’ll be looking with particular interest at how he deals with rulesets. They’re the aspect of mod_security that’s outside my core competence as developer and in the realm of the sysop. I don’t believe I have a use for mod_security myself, but a new insight into how he maps use cases to rulesets might provoke me to re-evaluate that.

I have one reservation about reading this: I have several ideas for the apache core that very probably duplicate things mod_security offers. No, they wouldn’t be in competition with it, they’d just be offering comparatively minor features: for example, extending the “RequestHeader edit” feature of mod_headers (apply a regexp search-and-replace to incoming request headers) to a security feature. Reading the book runs the risk of my ideas becoming ripoffs of mod_security.

Now I’ve got it on paper, from someone called Rust Consulting, and referencing www.googlebooksettlement.com. This one makes sense, and looks credible, though I’ll still have to google these folks to check for any suspicion of a scam.

Seems I have the choice to accept the settlement and possibly become eligible for some google-money in return for waiving any right to sue them over copyright, or opt out and retain my rights. Well, the latter would obviously be nonsense for me as an individual, even if I wanted to sue. My publisher (a $8-billion company) would have the resources to sue, but that’s not going to happen, nor would I want to get involved if it did.

So I guess that just leaves the question: do I get some google-gold? The settlement provides for google to make money from books, and pay 63% of that to rightsholders. But this begs the question: how is that allocated between the author and the publisher? Our contract obviously doesn’t cover revenues from google, and I’m not sure what general/catchall clauses might apply here. Other things being equal, it would probably be best if google pays the publisher, and my share gets added to my royalty cheques, to avoid the high cost of cashing a separate dollar-cheque from google.

Whether the same reaction would apply to a professional author – one for whom writing was their main occupation – is a different question. I’ll leave that to them.

I’ve just received email about the “google book settlement”, and I honestly can’t tell whether it’s somewhat-genuine or a scam.

On the plus side, it’s addressed to me, and is from someone at a reputable agency with whom I have communicated (about 3 years ago), studiob. That is, if it’s not merely forged as being from there. On the suspect side is a “please read” pretend-attachment which is in fact a link to a site I’ve never heard of, and an honest link to http://www.googlebooksettlement.com (whozat?). Furthermore the “attachment” is a complex .cfm URL containing what might be individualised tracking information.

Googling the subject, I find reference to the settlement, and it talks of “orphaned” books. Meaning books whose authors/copyright holders can’t be contacted. Well, that doesn’t apply to me: my publisher and I are both alive and well, and neither of us is hiding! Other references just talk of a one-off payment to groups purporting to speak for copyright holders, which presumably does include me and/or my publisher.

Well, if Google is going to pay good money for the privilege of making my work available, that’s fine by me. Not that I’m going to lose too much sleep about the risk of missing out on it. But shouldn’t I expect to hear from them or (more likely) from my publisher rather than some third-party with only the most tenuous connection?

Dear lazyweb, is this something I should take the trouble to find out about?

Lots of people I know like books. But many – including me – lack the space to keep as many as they’d like. E-books offer a solution to that, accommodating a large library in less space than a single bookcase.

This year I’ve taken the plunge, and bought some, and given them as presents to my, erm, nearest and dearest. Specifically, one to the girlfriend, and one to the parents. The latter just got it yesterday evening, as I’m visiting for the weekend.

I was a little unsure about the parents: my dad is a bit of a technophobe, and could’ve turned his nose up at it. But he’s also a huge bibliophile and laments bitterly the lack of space for a proper library. The mother is happy with technology, but though she enjoys a good read she’s not such a bookworm as to suffer from only having a few hundred in the house.

Turns out I needn’t have worried: both parents love it, and I’m going to have to get them another, or they’ll be fighting over it! Interestingly, they’ve previously seen and disliked an e-book reader: the one marketed by Waterstones, which I believe is by Sony. So it’s just as well I’d selected the BeBook, though my choice was governed more by an evidently-enlightened attitude to Freedom, with a wide range of formats supported rather than a tie-in to someone’s restrictions.

The BeBook is indeed a nice product for its intended purpose. For the size and weight of a slim paperback, you can carry a library of thousands. It has a tiny battery with a long life. It is indeed easy to use and comfortable to read, and offers some additional goodies like audio book support. 150 titles – works out of copyright, being mostly but not exclusively books – are bundled, and the BeBook website claims to offer another 20000 for free download. Plus of course a rapidly-growing number of titles available for purchase, in both DRM-encumbered and unencumbered formats.

At the same time, this is clearly an emerging technology with a way to go. Navigation is rather slow, and will doubtless be more smoothly and elegantly presented in future devices, though at the same time has some excellent features like well-designed automatic bookmarking of your place in a book. There are quite a few mild to moderate glitches in the 150 free titles bundled with it, though nothing that’s a showstopper (so far as I’ve seen). And it can’t download books directly: it relies on a USB connection to a computer to do the work. Oh, and this is a device crying out for a touchscreen, though I’ve a suspicion that would require a much bigger battery or kill the battery life.

Got a package from my publisher today. “DESARROLLO DE MÓDULOS Y APLICACIONES CON APACHE”. Yep, author copies of the spanish translation of the Apache Modules Book. I knew about this from having received the royalty, but this is physical copies!

Since I don’t myself speak spanish, I have no use for this. Can send to someone who has a use for it, for the cost of postage if you’re someone I consider a friend and/or can demonstrate opensource credentials. And for these purposes, you may count as a “friend” on a pretty tenuous link: for example, if I’ve ever commented on your blog, it seems likely you’re someone I consider worth my time and effort!

Got my third royalty cheque for the Apache Modules Book today. It’s well down on the first one (which was no doubt inflated by latent demand in a subject where it is still the only book) and indeed on the second one.

The salient feature this time is a payment for the Chinese translation, which (I presume) came out sometime early this year. Last time there was a similar payment for the Spanish translation. DrBacchus told me it was likely to be a one-off payment, and he was right: there’s nothing from the spanish edition this time. Oh well, I expect the chinese will be the same.

I arrived home today to my second royalty cheque for the book. This one, which is for the period July-December 2007, is sadly smaller than the previous one: presumably that must’ve been boosted by a burst of initial sales where there was a previously-unmet demand.

One interesting item was “Subsidiary Rights” from Grupo Anaya, S.A., who appear to have published a spanish translation. This is the first I’ve heard of it, though I had been told by a fellow author (probably DrBacchus, though I can’t recollect for certain) that translations might happen without my hearing of them. As with the chinese translation, I’m thrilled to hear that it’s available in another of the world’s most important languages.

In money terms, the spanish royalty accounts for nearly as much as the English edition! There’s no mention of the chinese translation, but then that won’t’ve hit the shelves during this royalty period. I wonder if that’ll be a worthwhile item next time?